gsd-2023-44487
Vulnerability from gsd
Modified
2023-12-13 01:20
Details
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Aliases
Aliases
{ "GSD": { "alias": "CVE-2023-44487", "id": "GSD-2023-44487" }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2023-44487" ], "details": "The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.", "id": "GSD-2023-44487", "modified": "2023-12-13T01:20:39.166130Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2023-44487", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73", "refsource": "MISC", "url": "https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73" }, { "name": "https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/", "refsource": "MISC", "url": "https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/" }, { "name": "https://aws.amazon.com/security/security-bulletins/AWS-2023-011/", "refsource": "MISC", "url": "https://aws.amazon.com/security/security-bulletins/AWS-2023-011/" }, { "name": "https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack", "refsource": "MISC", "url": "https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack" }, { "name": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/", "refsource": "MISC", "url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/" }, { "name": "https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/", "refsource": "MISC", "url": "https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/" }, { "name": "https://news.ycombinator.com/item?id=37831062", "refsource": "MISC", "url": "https://news.ycombinator.com/item?id=37831062" }, { "name": "https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/", "refsource": "MISC", "url": "https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/" }, { "name": "https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack", "refsource": "MISC", "url": "https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack" }, { "name": "https://github.com/envoyproxy/envoy/pull/30055", "refsource": "MISC", "url": "https://github.com/envoyproxy/envoy/pull/30055" }, { "name": "https://github.com/haproxy/haproxy/issues/2312", "refsource": "MISC", "url": "https://github.com/haproxy/haproxy/issues/2312" }, { "name": "https://github.com/eclipse/jetty.project/issues/10679", "refsource": "MISC", "url": "https://github.com/eclipse/jetty.project/issues/10679" }, { "name": "https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764", "refsource": "MISC", "url": "https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764" }, { "name": "https://github.com/nghttp2/nghttp2/pull/1961", "refsource": "MISC", "url": "https://github.com/nghttp2/nghttp2/pull/1961" }, { "name": "https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61", "refsource": "MISC", "url": "https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61" }, { "name": "https://github.com/alibaba/tengine/issues/1872", "refsource": "MISC", "url": "https://github.com/alibaba/tengine/issues/1872" }, { "name": "https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2", "refsource": "MISC", "url": "https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2" }, { "name": "https://news.ycombinator.com/item?id=37830987", "refsource": "MISC", "url": "https://news.ycombinator.com/item?id=37830987" }, { "name": "https://news.ycombinator.com/item?id=37830998", "refsource": "MISC", "url": "https://news.ycombinator.com/item?id=37830998" }, { "name": "https://github.com/caddyserver/caddy/issues/5877", "refsource": "MISC", "url": "https://github.com/caddyserver/caddy/issues/5877" }, { "name": "https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/", "refsource": "MISC", "url": "https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/" }, { "name": "https://github.com/bcdannyboy/CVE-2023-44487", "refsource": "MISC", "url": "https://github.com/bcdannyboy/CVE-2023-44487" }, { "name": "https://github.com/grpc/grpc-go/pull/6703", "refsource": "MISC", "url": "https://github.com/grpc/grpc-go/pull/6703" }, { "name": "https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244", "refsource": "MISC", "url": "https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244" }, { "name": "https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0", "refsource": "MISC", "url": "https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0" }, { "name": "https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html", "refsource": "MISC", "url": "https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html" }, { "name": "https://my.f5.com/manage/s/article/K000137106", "refsource": "MISC", "url": "https://my.f5.com/manage/s/article/K000137106" }, { "name": "https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/", "refsource": "MISC", "url": "https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/" }, { "name": "https://bugzilla.proxmox.com/show_bug.cgi?id=4988", "refsource": "MISC", "url": "https://bugzilla.proxmox.com/show_bug.cgi?id=4988" }, { "name": "https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9", "refsource": "MISC", "url": "https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9" }, { "name": "https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected", "refsource": "MISC", "url": "https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected" }, { "name": "https://github.com/microsoft/CBL-Mariner/pull/6381", "refsource": "MISC", "url": "https://github.com/microsoft/CBL-Mariner/pull/6381" }, { "name": "https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo", "refsource": "MISC", "url": "https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo" }, { "name": "https://github.com/facebook/proxygen/pull/466", "refsource": "MISC", "url": "https://github.com/facebook/proxygen/pull/466" }, { "name": "https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088", "refsource": "MISC", "url": "https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088" }, { "name": "https://github.com/micrictor/http2-rst-stream", "refsource": "MISC", "url": "https://github.com/micrictor/http2-rst-stream" }, { "name": "https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve", "refsource": "MISC", "url": "https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve" }, { "name": "https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/", "refsource": "MISC", "url": "https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/" }, { "name": "https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf", "refsource": "MISC", "url": "https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf" }, { "name": "https://github.com/h2o/h2o/pull/3291", "refsource": "MISC", "url": "https://github.com/h2o/h2o/pull/3291" }, { "name": "https://github.com/nodejs/node/pull/50121", "refsource": "MISC", "url": "https://github.com/nodejs/node/pull/50121" }, { "name": "https://github.com/dotnet/announcements/issues/277", "refsource": "MISC", "url": "https://github.com/dotnet/announcements/issues/277" }, { "name": "https://github.com/golang/go/issues/63417", "refsource": "MISC", "url": "https://github.com/golang/go/issues/63417" }, { "name": "https://github.com/advisories/GHSA-vx74-f528-fxqg", "refsource": "MISC", "url": "https://github.com/advisories/GHSA-vx74-f528-fxqg" }, { "name": "https://github.com/apache/trafficserver/pull/10564", "refsource": "MISC", "url": "https://github.com/apache/trafficserver/pull/10564" }, { "name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487", "refsource": "MISC", "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487" }, { "name": "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14", "refsource": "MISC", "url": "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14" }, { "name": "https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q", "refsource": "MISC", "url": "https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q" }, { "name": "https://www.openwall.com/lists/oss-security/2023/10/10/6", "refsource": "MISC", "url": "https://www.openwall.com/lists/oss-security/2023/10/10/6" }, { "name": "https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487", "refsource": "MISC", "url": "https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487" }, { "name": "https://github.com/opensearch-project/data-prepper/issues/3474", "refsource": "MISC", "url": "https://github.com/opensearch-project/data-prepper/issues/3474" }, { "name": "https://github.com/kubernetes/kubernetes/pull/121120", "refsource": "MISC", "url": "https://github.com/kubernetes/kubernetes/pull/121120" }, { "name": "https://github.com/oqtane/oqtane.framework/discussions/3367", "refsource": "MISC", "url": "https://github.com/oqtane/oqtane.framework/discussions/3367" }, { "name": "https://github.com/advisories/GHSA-xpw8-rcwv-8f8p", "refsource": "MISC", "url": "https://github.com/advisories/GHSA-xpw8-rcwv-8f8p" }, { "name": "https://netty.io/news/2023/10/10/4-1-100-Final.html", "refsource": "MISC", "url": "https://netty.io/news/2023/10/10/4-1-100-Final.html" }, { "name": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487", "refsource": "MISC", "url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487" }, { "name": "https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/", "refsource": "MISC", "url": "https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/" }, { "name": "https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack", "refsource": "MISC", "url": "https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack" }, { "name": "https://news.ycombinator.com/item?id=37837043", "refsource": "MISC", "url": "https://news.ycombinator.com/item?id=37837043" }, { "name": "https://github.com/kazu-yamamoto/http2/issues/93", "refsource": "MISC", "url": "https://github.com/kazu-yamamoto/http2/issues/93" }, { "name": "https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html", "refsource": "MISC", "url": "https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html" }, { "name": "https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1", "refsource": "MISC", "url": "https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1" }, { "name": "https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113", "refsource": "MISC", "url": "https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113" }, { "name": "DSA-5522", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2023/dsa-5522" }, { "name": "DSA-5521", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2023/dsa-5521" }, { "name": "https://access.redhat.com/security/cve/cve-2023-44487", "refsource": "MISC", "url": "https://access.redhat.com/security/cve/cve-2023-44487" }, { "name": "https://github.com/ninenines/cowboy/issues/1615", "refsource": "MISC", "url": "https://github.com/ninenines/cowboy/issues/1615" }, { "name": "https://github.com/varnishcache/varnish-cache/issues/3996", "refsource": "MISC", "url": "https://github.com/varnishcache/varnish-cache/issues/3996" }, { "name": "https://github.com/tempesta-tech/tempesta/issues/1986", "refsource": "MISC", "url": "https://github.com/tempesta-tech/tempesta/issues/1986" }, { "name": "https://blog.vespa.ai/cve-2023-44487/", "refsource": "MISC", "url": "https://blog.vespa.ai/cve-2023-44487/" }, { "name": "https://github.com/etcd-io/etcd/issues/16740", "refsource": "MISC", "url": "https://github.com/etcd-io/etcd/issues/16740" }, { "name": "https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event", "refsource": "MISC", "url": "https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event" }, { "name": "https://istio.io/latest/news/security/istio-security-2023-004/", "refsource": "MISC", "url": "https://istio.io/latest/news/security/istio-security-2023-004/" }, { "name": "https://github.com/junkurihara/rust-rpxy/issues/97", "refsource": "MISC", "url": "https://github.com/junkurihara/rust-rpxy/issues/97" }, { "name": "https://bugzilla.suse.com/show_bug.cgi?id=1216123", "refsource": "MISC", "url": "https://bugzilla.suse.com/show_bug.cgi?id=1216123" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803" }, { "name": "https://ubuntu.com/security/CVE-2023-44487", "refsource": "MISC", "url": "https://ubuntu.com/security/CVE-2023-44487" }, { "name": "https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125", "refsource": "MISC", "url": "https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125" }, { "name": "https://github.com/advisories/GHSA-qppj-fm5r-hxr3", "refsource": "MISC", "url": "https://github.com/advisories/GHSA-qppj-fm5r-hxr3" }, { "name": "https://github.com/apache/httpd-site/pull/10", "refsource": "MISC", "url": "https://github.com/apache/httpd-site/pull/10" }, { "name": "https://github.com/projectcontour/contour/pull/5826", "refsource": "MISC", "url": "https://github.com/projectcontour/contour/pull/5826" }, { "name": "https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632", "refsource": "MISC", "url": "https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632" }, { "name": "https://github.com/line/armeria/pull/5232", "refsource": "MISC", "url": "https://github.com/line/armeria/pull/5232" }, { "name": "https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/", "refsource": "MISC", "url": "https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/" }, { "name": "https://security.paloaltonetworks.com/CVE-2023-44487", "refsource": "MISC", "url": "https://security.paloaltonetworks.com/CVE-2023-44487" }, { "name": "https://github.com/akka/akka-http/issues/4323", "refsource": "MISC", "url": "https://github.com/akka/akka-http/issues/4323" }, { "name": "https://github.com/openresty/openresty/issues/930", "refsource": "MISC", "url": "https://github.com/openresty/openresty/issues/930" }, { "name": "https://github.com/apache/apisix/issues/10320", "refsource": "MISC", "url": "https://github.com/apache/apisix/issues/10320" }, { "name": "https://github.com/Azure/AKS/issues/3947", "refsource": "MISC", "url": "https://github.com/Azure/AKS/issues/3947" }, { "name": "https://github.com/Kong/kong/discussions/11741", "refsource": "MISC", "url": "https://github.com/Kong/kong/discussions/11741" }, { "name": "https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487", "refsource": "MISC", "url": "https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487" }, { "name": "https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/", "refsource": "MISC", "url": "https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/" }, { "name": "https://github.com/caddyserver/caddy/releases/tag/v2.7.5", "refsource": "MISC", "url": "https://github.com/caddyserver/caddy/releases/tag/v2.7.5" }, { "name": "[debian-lts-announce] 20231013 [SECURITY] [DLA 3617-1] tomcat9 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html" }, { "name": "[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2023/10/13/4" }, { "name": "[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2023/10/13/9" }, { "name": "https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/", "refsource": "MISC", "url": "https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/" }, { "name": "https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html", "refsource": "MISC", "url": "https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html" }, { "name": "FEDORA-2023-ed2642fd58", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/" }, { "name": "https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/", "refsource": "MISC", "url": "https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/" }, { "name": "[debian-lts-announce] 20231016 [SECURITY] [DLA 3621-1] nghttp2 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html" }, { "name": "https://security.netapp.com/advisory/ntap-20231016-0001/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20231016-0001/" }, { "name": "[debian-lts-announce] 20231016 [SECURITY] [DLA 3617-2] tomcat9 regression update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html" }, { "name": "[oss-security] 20231018 Vulnerability in Jenkins", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2023/10/18/4" }, { "name": "[oss-security] 20231018 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2023/10/18/8" }, { "name": "[oss-security] 20231019 CVE-2023-45802: Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2023/10/19/6" }, { "name": "FEDORA-2023-54fadada12", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/" }, { "name": "FEDORA-2023-5ff7bf1dd8", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/" }, { "name": "[oss-security] 20231020 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2023/10/20/8" }, { "name": "FEDORA-2023-17efd3f2cd", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/" }, { "name": "FEDORA-2023-d5030c983c", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/" }, { "name": "FEDORA-2023-0259c3f26f", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/" }, { "name": "FEDORA-2023-2a9214af5f", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/" }, { "name": "FEDORA-2023-e9c04d81c1", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/" }, { "name": "FEDORA-2023-f66fc0f62a", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/" }, { "name": "FEDORA-2023-4d2fd884ea", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/" }, { "name": "FEDORA-2023-b2c50535cb", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/" }, { "name": "FEDORA-2023-fe53e13b5b", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/" }, { "name": "FEDORA-2023-4bf641255e", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/" }, { "name": "[debian-lts-announce] 20231030 [SECURITY] [DLA 3641-1] jetty9 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html" }, { "name": "DSA-5540", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2023/dsa-5540" }, { "name": "[debian-lts-announce] 20231031 [SECURITY] [DLA 3638-1] h2o security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html" }, { "name": "https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715", "refsource": "MISC", "url": "https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715" }, { "name": "FEDORA-2023-1caffb88af", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/" }, { "name": "FEDORA-2023-3f70b8d406", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/" }, { "name": "FEDORA-2023-7b52921cae", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/" }, { "name": "FEDORA-2023-7934802344", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/" }, { "name": "FEDORA-2023-dbe64661af", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/" }, { "name": "FEDORA-2023-822aab0a5a", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/" }, { "name": "[debian-lts-announce] 20231105 [SECURITY] [DLA 3645-1] trafficserver security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html" }, { "name": "DSA-5549", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2023/dsa-5549" }, { "name": "FEDORA-2023-c0c6a91330", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/" }, { "name": "FEDORA-2023-492b7be466", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/" }, { "name": "DSA-5558", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2023/dsa-5558" }, { "name": "[debian-lts-announce] 20231119 [SECURITY] [DLA 3656-1] netty security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html" }, { "name": "GLSA-202311-09", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202311-09" }, { "name": "DSA-5570", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2023/dsa-5570" }, { "name": "https://security.netapp.com/advisory/ntap-20240426-0007/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20240426-0007/" } ] } }, "nvd.nist.gov": { "cve": { "cisaActionDue": "2023-10-31", "cisaExploitAdd": "2023-10-10", "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "cisaVulnerabilityName": "HTTP/2 Rapid Reset Attack Vulnerability", "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ietf:http:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "D5200E35-222B-42E0-83E0-5B702684D992", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:nghttp2:nghttp2:*:*:*:*:*:*:*:*", "matchCriteriaId": "C3BDC297-F023-4E87-8518-B84CCF9DD6A8", "versionEndExcluding": "1.57.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:netty:netty:*:*:*:*:*:*:*:*", "matchCriteriaId": "D12D5257-7ED2-400F-9EF7-40E0D3650C2B", "versionEndExcluding": "4.1.100", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:envoyproxy:envoy:1.24.10:*:*:*:*:*:*:*", "matchCriteriaId": "1B058776-B5B7-4079-B0AF-23F40926DCEC", "vulnerable": true }, { "criteria": "cpe:2.3:a:envoyproxy:envoy:1.25.9:*:*:*:*:*:*:*", "matchCriteriaId": "6D565975-EFD9-467C-B6E3-1866A4EF17A4", "vulnerable": true }, { "criteria": "cpe:2.3:a:envoyproxy:envoy:1.26.4:*:*:*:*:*:*:*", "matchCriteriaId": "6D487271-1B5E-4F16-B0CB-A7B8908935C6", "vulnerable": true }, { "criteria": "cpe:2.3:a:envoyproxy:envoy:1.27.0:*:*:*:*:*:*:*", "matchCriteriaId": "BA6ED627-EFB3-4BDD-8ECC-C5947A1470B2", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*", "matchCriteriaId": "A4A6F189-6C43-462D-85C9-B0EBDA8A4683", "versionEndExcluding": "9.4.53", "vulnerable": true }, { "criteria": "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*", "matchCriteriaId": "C993C920-85C0-4181-A95E-5D965A670738", "versionEndExcluding": "10.0.17", "versionStartIncluding": "10.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*", "matchCriteriaId": "08E79A8E-E12C-498F-AF4F-1AAA7135661E", "versionEndExcluding": "11.0.17", "versionStartIncluding": "11.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*", "matchCriteriaId": "F138D800-9A3B-4C76-8A3C-4793083A1517", "versionEndExcluding": "12.0.2", "versionStartIncluding": "12.0.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:caddyserver:caddy:*:*:*:*:*:*:*:*", "matchCriteriaId": "6341DDDA-AD27-4087-9D59-0A212F0037B4", "versionEndExcluding": "2.7.5", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*", "matchCriteriaId": "328120E4-C031-44B4-9BE5-03B0CDAA066F", "versionEndExcluding": "1.20.10", "vulnerable": true }, { "criteria": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*", "matchCriteriaId": "5FD9AB15-E5F6-4DBC-9EC7-D0ABA705802A", "versionEndExcluding": "1.21.3", "versionStartIncluding": "1.21.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:golang:http2:*:*:*:*:*:go:*:*", "matchCriteriaId": "D7D2F801-6F65-4705-BCB9-D057EA54A707", "versionEndExcluding": "0.17.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:golang:networking:*:*:*:*:*:go:*:*", "matchCriteriaId": "801F25DA-F38C-4452-8E90-235A3B1A5FF0", "versionEndExcluding": "0.17.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "D93F04AD-DF14-48AB-9F13-8B2E491CF42E", "versionEndIncluding": "13.1.5", "versionStartIncluding": "13.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "7522C760-7E07-406F-BF50-5656D5723C4F", "versionEndIncluding": "14.1.5", "versionStartIncluding": "14.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "3A7F605E-EB10-40FB-98D6-7E3A95E310BC", "versionEndIncluding": "15.1.10", "versionStartIncluding": "15.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "783E62F2-F867-48F1-B123-D1227C970674", "versionEndIncluding": "16.1.4", "versionStartIncluding": "16.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:17.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "0A8D90B7-A1AF-4EFB-B688-1563D81E5C6D", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "6603ED6A-3366-4572-AFCD-B3D4B1EC7606", "versionEndIncluding": "13.1.5", "versionStartIncluding": "13.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "88978E38-81D3-4EFE-8525-A300B101FA69", "versionEndIncluding": "14.1.5", "versionStartIncluding": "14.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "0510296F-92D7-4388-AE3A-0D9799C2FC4D", "versionEndIncluding": "15.1.10", "versionStartIncluding": "15.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "D7698D6C-B1F7-43C1-BBA6-88E956356B3D", "versionEndIncluding": "16.1.4", "versionStartIncluding": "16.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:17.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "1A1CC91B-6920-4AF0-9EDD-DD3189E78F4D", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*", "matchCriteriaId": "05E452AA-A520-4CBE-8767-147772B69194", "versionEndIncluding": "13.1.5", "versionStartIncluding": "13.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*", "matchCriteriaId": "596FC5D5-7329-4E39-841E-CAE937C02219", "versionEndIncluding": "14.1.5", "versionStartIncluding": "14.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*", "matchCriteriaId": "B3C7A168-F370-441E-8790-73014BCEC39F", "versionEndIncluding": "15.1.10", "versionStartIncluding": "15.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*", "matchCriteriaId": "CF16FD01-7704-40AB-ACB2-80A883804D22", "versionEndIncluding": "16.1.4", "versionStartIncluding": "16.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:17.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "1769D69A-CB59-46B1-89B3-FB97DC6DEB9B", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "matchCriteriaId": "9167FEC1-2C37-4946-9657-B4E69301FB24", "versionEndIncluding": "13.1.5", "versionStartIncluding": "13.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "matchCriteriaId": "7B4B3442-E0C0-48CD-87AD-060E15C9801E", "versionEndIncluding": "14.1.5", "versionStartIncluding": "14.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "matchCriteriaId": "8FA85EC1-D91A-49DD-949B-2AF7AC813CA5", "versionEndIncluding": "15.1.10", "versionStartIncluding": "15.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "matchCriteriaId": "20662BB0-4C3D-4CF0-B068-3555C65DD06C", "versionEndIncluding": "16.1.4", "versionStartIncluding": "16.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_analytics:17.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "59203EBF-C52A-45A1-B8DF-00E17E3EFB51", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "7EC2324D-EC8B-41DF-88A7-819E53AAD0FC", "versionEndIncluding": "13.1.5", "versionStartIncluding": "13.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "9B88F9D1-B54B-40C7-A18A-26C4A071D7EC", "versionEndIncluding": "14.1.5", "versionStartIncluding": "14.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "C8F39403-C259-4D6F-9E9A-53671017EEDB", "versionEndIncluding": "15.1.10", "versionStartIncluding": "15.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "220F2D38-FA82-45EF-B957-7678C9FEDBC1", "versionEndIncluding": "16.1.4", "versionStartIncluding": "16.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:17.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "5C698C1C-A3DD-46E2-B05A-12F2604E7F85", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "922AA845-530A-4B4B-9976-4CBC30C8A324", "versionEndIncluding": "13.1.5", "versionStartIncluding": "13.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "F938EB43-8373-47EB-B269-C6DF058A9244", "versionEndIncluding": "14.1.5", "versionStartIncluding": "14.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "1771493E-ACAA-477F-8AB4-25DB12F6AD6E", "versionEndIncluding": "15.1.10", "versionStartIncluding": "15.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "5E86F3D5-65A4-48CE-A6A2-736BBB88E3F8", "versionEndIncluding": "16.1.4", "versionStartIncluding": "16.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:17.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "87670A74-34FE-45DF-A725-25B804C845B3", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*", "matchCriteriaId": "C7E422F6-C4C2-43AC-B137-0997B5739030", "versionEndIncluding": "13.1.5", "versionStartIncluding": "13.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*", "matchCriteriaId": "CC3F710F-DBCB-4976-9719-CF063DA22377", "versionEndIncluding": "14.1.5", "versionStartIncluding": "14.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*", "matchCriteriaId": "4B9B76A1-7C5A-453F-A4ED-F1A81BCEBEB5", "versionEndIncluding": "15.1.10", "versionStartIncluding": "15.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*", "matchCriteriaId": "88EDFCD9-775C-48FA-9CDA-2B04DA8D0612", "versionEndIncluding": "16.1.4", "versionStartIncluding": "16.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:17.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "67DB21AE-DF53-442D-B492-C4ED9A20B105", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*", "matchCriteriaId": "4C9FCBCB-9CE0-49E7-85C8-69E71D211912", "versionEndIncluding": "13.1.5", "versionStartIncluding": "13.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*", "matchCriteriaId": "112DFA85-90AD-478D-BD70-8C7C0C074F1B", "versionEndIncluding": "14.1.5", "versionStartIncluding": "14.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*", "matchCriteriaId": "DB704A1C-D8B7-48BB-A15A-C14DB591FE4A", "versionEndIncluding": "15.1.10", "versionStartIncluding": "15.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*", "matchCriteriaId": "21D51D9F-2840-4DEA-A007-D20111A1745C", "versionEndIncluding": "16.1.4", "versionStartIncluding": "16.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_carrier-grade_nat:17.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "7BC1D037-74D2-4F92-89AD-C90F6CBF440B", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*", "matchCriteriaId": "CAEF3EA4-7D5A-4B44-9CE3-258AEC745866", "versionEndIncluding": "13.1.5", "versionStartIncluding": "13.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*", "matchCriteriaId": "2FBCE2D1-9D93-415D-AB2C-2060307C305A", "versionEndIncluding": "14.1.5", "versionStartIncluding": "14.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*", "matchCriteriaId": "8070B469-8CC4-4D2F-97D7-12D0ABB963C1", "versionEndIncluding": "15.1.10", "versionStartIncluding": "15.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*", "matchCriteriaId": "A326597E-725D-45DE-BEF7-2ED92137B253", "versionEndIncluding": "16.1.4", "versionStartIncluding": "16.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:17.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "7B235A78-649B-46C5-B24B-AB485A884654", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "matchCriteriaId": "08B25AAB-A98C-4F89-9131-29E3A8C0ED23", "versionEndIncluding": "13.1.5", "versionStartIncluding": "13.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "matchCriteriaId": "ED9B976A-D3AD-4445-BF8A-067C3EBDFBB0", "versionEndIncluding": "14.1.5", "versionStartIncluding": "14.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "matchCriteriaId": "98D2CE1E-DED0-470A-AA78-C78EF769C38E", "versionEndIncluding": "15.1.10", "versionStartIncluding": "15.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "matchCriteriaId": "C966FABA-7199-4F0D-AB8C-4590FE9D2FFF", "versionEndIncluding": "16.1.4", "versionStartIncluding": "16.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:17.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "84D00768-E71B-4FF7-A7BF-F2C8CFBC900D", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "matchCriteriaId": "E3D2ABA3-D4A9-4267-B0DF-7C3BBEEAEB66", "versionEndIncluding": "13.1.5", "versionStartIncluding": "13.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "matchCriteriaId": "BC36311E-BB00-4750-85C8-51F5A2604F07", "versionEndIncluding": "14.1.5", "versionStartIncluding": "14.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "matchCriteriaId": "A65D357E-4B40-42EC-9AAA-2B6CEF78C401", "versionEndIncluding": "15.1.10", "versionStartIncluding": "15.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "matchCriteriaId": "D7EF9865-FE65-4DFB-BF21-62FBCE65FF1C", "versionEndIncluding": "16.1.4", "versionStartIncluding": "16.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:17.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "ABBD10E8-6054-408F-9687-B9BF6375CA09", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "E6018B01-048C-43BB-A78D-66910ED60CA9", "versionEndIncluding": "13.1.5", "versionStartIncluding": "13.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "3A6A5686-5A8B-45D5-9165-BC99D2CCAC47", "versionEndIncluding": "14.1.5", "versionStartIncluding": "14.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "5D2A121F-5BD2-4263-8ED3-1DDE25B5C306", "versionEndIncluding": "15.1.10", "versionStartIncluding": "15.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "0A4F7BAD-3EDD-4DE0-AAB7-DE5ACA34DD79", "versionEndIncluding": "16.1.4", "versionStartIncluding": "16.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:17.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "83794B04-87E2-4CA9-81F5-BB820D0F5395", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "matchCriteriaId": "D9EC2237-117F-43BD-ADEC-516CF72E04EF", "versionEndIncluding": "13.1.5", "versionStartIncluding": "13.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "matchCriteriaId": "F70D4B6F-65CF-48F4-9A07-072DFBCE53D9", "versionEndIncluding": "14.1.5", "versionStartIncluding": "14.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "matchCriteriaId": "29563719-1AF2-4BB8-8CCA-A0869F87795D", "versionEndIncluding": "15.1.10", "versionStartIncluding": "15.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "matchCriteriaId": "D24815DD-579A-46D1-B9F2-3BB2C56BC54D", "versionEndIncluding": "16.1.4", "versionStartIncluding": "16.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_link_controller:17.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "0A6E7035-3299-474F-8F67-945EA9A059D0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "0360F76D-E75E-4B05-A294-B47012323ED9", "versionEndIncluding": "13.1.5", "versionStartIncluding": "13.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "7A4607BF-41AC-4E84-A110-74E085FF0445", "versionEndIncluding": "14.1.5", "versionStartIncluding": "14.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "441CC945-7CA3-49C0-AE10-94725301E31D", "versionEndIncluding": "15.1.10", "versionStartIncluding": "15.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "46BA8E8A-6ED5-4FB2-8BBC-586AA031085A", "versionEndIncluding": "16.1.4", "versionStartIncluding": "16.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:17.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "56FB92F7-FF1E-425D-A5AB-9D9FB0BB9450", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_next:20.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "969C4F14-F6D6-46D6-B348-FC1463877680", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_next_service_proxy_for_kubernetes:*:*:*:*:*:*:*:*", "matchCriteriaId": "41AD5040-1250-45F5-AB63-63F333D49BCC", "versionEndIncluding": "1.8.2", "versionStartIncluding": "1.5.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "8257AA59-C14D-4EC1-B22C-DFBB92CBC297", "versionEndIncluding": "13.1.5", "versionStartIncluding": "13.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "37DB32BB-F4BA-4FB5-94B1-55C3F06749CF", "versionEndIncluding": "14.1.5", "versionStartIncluding": "14.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "FFF5007E-761C-4697-8D34-C064DF0ABE8D", "versionEndIncluding": "15.1.10", "versionStartIncluding": "15.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "910441D3-90EF-4375-B007-D51120A60AB2", "versionEndIncluding": "16.1.4", "versionStartIncluding": "16.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:17.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "667EB77B-DA13-4BA4-9371-EE3F3A109F38", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*", "matchCriteriaId": "8A6F9699-A485-4614-8F38-5A556D31617E", "versionEndIncluding": "13.1.5", "versionStartIncluding": "13.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*", "matchCriteriaId": "5A90F547-97A2-41EC-9FDF-25F869F0FA38", "versionEndIncluding": "14.1.5", "versionStartIncluding": "14.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*", "matchCriteriaId": "E76E1B82-F1DC-4366-B388-DBDF16C586A0", "versionEndIncluding": "15.1.10", "versionStartIncluding": "15.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*", "matchCriteriaId": "660137F4-15A1-42D1-BBAC-99A1D5BB398B", "versionEndIncluding": "16.1.4", "versionStartIncluding": "16.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_ssl_orchestrator:17.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "C446827A-1F71-4FAD-9422-580642D26AD1", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "matchCriteriaId": "1932D32D-0E4B-4BBD-816F-6D47AB2E2F04", "versionEndIncluding": "13.1.5", "versionStartIncluding": "13.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "matchCriteriaId": "D47B7691-A95B-45C0-BAB4-27E047F3C379", "versionEndIncluding": "14.1.5", "versionStartIncluding": "14.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "matchCriteriaId": "2CD1637D-0E42-4928-867A-BA0FDB6E8462", "versionEndIncluding": "15.1.10", "versionStartIncluding": "15.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "matchCriteriaId": "3A599F90-F66B-4DF0-AD7D-D234F328BD59", "versionEndIncluding": "16.1.4", "versionStartIncluding": "16.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:17.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3D1B2000-C3FE-4B4C-885A-A5076EB164E1", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*", "matchCriteriaId": "5326759A-AFB0-4A15-B4E9-3C9A2E5DB32A", "versionEndIncluding": "13.1.5", "versionStartIncluding": "13.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*", "matchCriteriaId": "57D92D05-C67D-437E-88F3-DCC3F6B0ED2F", "versionEndIncluding": "14.1.5", "versionStartIncluding": "14.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*", "matchCriteriaId": "ECCB8C30-861E-4E48-A5F5-30EE523C1FB6", "versionEndIncluding": "15.1.10", "versionStartIncluding": "15.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*", "matchCriteriaId": "F5FEAD2A-3A58-432E-BEBB-6E3FDE24395F", "versionEndIncluding": "16.1.4", "versionStartIncluding": "16.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:big-ip_websafe:17.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "8AB23AE6-245E-43D6-B832-933F8259F937", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*", "matchCriteriaId": "1188B4A9-2684-413C-83D1-E91C75AE0FCF", "versionEndIncluding": "1.25.2", "versionStartIncluding": "1.9.5", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:nginx_ingress_controller:*:*:*:*:*:*:*:*", "matchCriteriaId": "3337609D-5291-4A52-BC6A-6A8D4E60EB20", "versionEndIncluding": "2.4.2", "versionStartIncluding": "2.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:nginx_ingress_controller:*:*:*:*:*:*:*:*", "matchCriteriaId": "6CF0ABD9-EB28-4966-8C31-EED7AFBF1527", "versionEndIncluding": "3.3.0", "versionStartIncluding": "3.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:nginx_plus:*:*:*:*:*:*:*:*", "matchCriteriaId": "F291CB34-47A4-425A-A200-087CC295AEC8", "versionEndExcluding": "r29", "versionStartIncluding": "r25", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:nginx_plus:r29:-:*:*:*:*:*:*", "matchCriteriaId": "5892B558-EC3A-43FF-A1D5-B2D9F70796F0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:nginx_plus:r30:-:*:*:*:*:*:*", "matchCriteriaId": "96BF2B19-52C7-4051-BA58-CAE6F912B72F", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*", "matchCriteriaId": "ABD26B48-CC80-4FAE-BD3D-78DE4C80C92B", "versionEndIncluding": "8.5.93", "versionStartIncluding": "8.5.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*", "matchCriteriaId": "F3EC20B6-B2AB-41F5-9BF9-D16C1FE67C34", "versionEndIncluding": "9.0.80", "versionStartIncluding": "9.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*", "matchCriteriaId": "0765CC3D-AB1A-4147-8900-EF4C105321F2", "versionEndIncluding": "10.1.13", "versionStartIncluding": "10.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone1:*:*:*:*:*:*", "matchCriteriaId": "D1AA7FF6-E8E7-4BF6-983E-0A99B0183008", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone10:*:*:*:*:*:*", "matchCriteriaId": "57088BDD-A136-45EF-A8A1-2EBF79CEC2CE", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone11:*:*:*:*:*:*", "matchCriteriaId": "B32D1D7A-A04F-444E-8F45-BB9A9E4B0199", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone2:*:*:*:*:*:*", "matchCriteriaId": "2AAD52CE-94F5-4F98-A027-9A7E68818CB6", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone3:*:*:*:*:*:*", "matchCriteriaId": "F1F981F5-035A-4EDD-8A9F-481EE8BC7FF7", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone4:*:*:*:*:*:*", "matchCriteriaId": "03A171AF-2EC8-4422-912C-547CDB58CAAA", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone5:*:*:*:*:*:*", "matchCriteriaId": "538E68C4-0BA4-495F-AEF8-4EF6EE7963CF", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone6:*:*:*:*:*:*", "matchCriteriaId": "49350A6E-5E1D-45B2-A874-3B8601B3ADCC", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone7:*:*:*:*:*:*", "matchCriteriaId": "5F50942F-DF54-46C0-8371-9A476DD3EEA3", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone8:*:*:*:*:*:*", "matchCriteriaId": "D12C2C95-B79F-4AA4-8CE3-99A3EE7991AB", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone9:*:*:*:*:*:*", "matchCriteriaId": "98792138-DD56-42DF-9612-3BDC65EEC117", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apple:swiftnio_http\\/2:*:*:*:*:*:swift:*:*", "matchCriteriaId": "08190072-3880-4EF5-B642-BA053090D95B", "versionEndExcluding": "1.28.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:grpc:grpc:*:*:*:*:*:go:*:*", "matchCriteriaId": "5F4CDEA9-CB47-4881-B096-DA896E2364F3", "versionEndExcluding": "1.56.3", "vulnerable": true }, { "criteria": "cpe:2.3:a:grpc:grpc:*:*:*:*:*:-:*:*", "matchCriteriaId": "E65AF7BC-7DAE-408A-8485-FBED22815F75", "versionEndIncluding": "1.59.2", "vulnerable": true }, { "criteria": "cpe:2.3:a:grpc:grpc:*:*:*:*:*:go:*:*", "matchCriteriaId": "DD868DDF-C889-4F36-B5E6-68B6D9EA48CC", "versionEndExcluding": "1.58.3", "versionStartIncluding": "1.58.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:grpc:grpc:1.57.0:-:*:*:*:go:*:*", "matchCriteriaId": "FBD991E2-DB5A-4AAD-95BA-4B5ACB811C96", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "matchCriteriaId": "4496821E-BD55-4F31-AD9C-A3D66CBBD6BD", "versionEndExcluding": "6.0.23", "versionStartIncluding": "6.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "matchCriteriaId": "8DF7ECF6-178D-433C-AA21-BAE9EF248F37", "versionEndExcluding": "7.0.12", "versionStartIncluding": "7.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:asp.net_core:*:*:*:*:*:*:*:*", "matchCriteriaId": "1C3418F4-B8BF-4666-BB39-C188AB01F45C", "versionEndExcluding": "6.0.23", "versionStartIncluding": "6.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:asp.net_core:*:*:*:*:*:*:*:*", "matchCriteriaId": "1278DD1C-EFA9-4316-AD32-24C1B1FB0CEA", "versionEndExcluding": "7.0.12", "versionStartIncluding": "7.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:azure_kubernetes_service:*:*:*:*:*:*:*:*", "matchCriteriaId": "3BDFB0FF-0F4A-4B7B-94E8-ED72A8106314", "versionEndExcluding": "2023-10-08", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", "matchCriteriaId": "16A8F269-E07E-402F-BFD5-60F3988A5EAF", "versionEndExcluding": "17.2.20", "versionStartIncluding": "17.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", "matchCriteriaId": "C4B2B972-69E2-4D21-9A7C-B2AFF1D89EB8", "versionEndExcluding": "17.4.12", "versionStartIncluding": "17.4", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", "matchCriteriaId": "DA5834D4-F52F-41C0-AA11-C974FFEEA063", "versionEndExcluding": "17.6.8", "versionStartIncluding": "17.6", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", "matchCriteriaId": "2166106F-ACD6-4C7B-B0CC-977B83CC5F73", "versionEndExcluding": "17.7.5", "versionStartIncluding": "17.7", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*", "matchCriteriaId": "4CD49C41-6D90-47D3-AB4F-4A74169D3A8F", "versionEndExcluding": "10.0.14393.6351", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*", "matchCriteriaId": "BAEFEE13-9CD7-46A2-8AF6-0A33C79C05F1", "versionEndExcluding": "10.0.14393.6351", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*", "matchCriteriaId": "E500D59C-6597-45E9-A57B-BE26C0C231D3", "versionEndExcluding": "10.0.17763.4974", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*", "matchCriteriaId": "C9F9A643-90C6-489C-98A0-D2739CE72F86", "versionEndExcluding": "10.0.19044.3570", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*", "matchCriteriaId": "1814619C-ED07-49E0-A50A-E28D824D43BC", "versionEndExcluding": "10.0.19045.3570", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*", "matchCriteriaId": "100A27D3-87B0-4E72-83F6-7605E3F35E63", "versionEndExcluding": "10.0.22000.2538", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*", "matchCriteriaId": "C6A36795-0238-45C9-ABE6-3DCCF751915B", "versionEndExcluding": "10.0.22621.2428", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*", "matchCriteriaId": "C61F0294-5C7E-4DB2-8905-B85D0782F35F", "versionEndExcluding": "18.18.2", "versionStartIncluding": "18.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*", "matchCriteriaId": "69843DE4-4721-4F0A-A9B7-0F6DF5AAA388", "versionEndExcluding": "20.8.1", "versionStartIncluding": "20.0.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:cbl-mariner:*:*:*:*:*:*:*:*", "matchCriteriaId": "B25279EF-C406-4133-99ED-0492703E0A4E", "versionEndExcluding": "2023-10-11", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:dena:h2o:*:*:*:*:*:*:*:*", "matchCriteriaId": "9FFFF84B-F35C-43DE-959A-A5D10C3AE9F5", "versionEndExcluding": "2023-10-10", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:facebook:proxygen:*:*:*:*:*:*:*:*", "matchCriteriaId": "9DCE8C89-7C22-48CA-AF22-B34C8AA2CB8C", "versionEndExcluding": "2023.10.16.00", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apache:apisix:*:*:*:*:*:*:*:*", "matchCriteriaId": "EDEB508E-0EBD-4450-9074-983DDF568AB4", "versionEndExcluding": "3.6.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "93A1A748-6C71-4191-8A16-A93E94E2CDE4", "versionEndExcluding": "8.1.9", "versionStartIncluding": "8.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "4E4BCAF6-B246-41EC-9EE1-24296BFC4F5A", "versionEndExcluding": "9.2.3", "versionStartIncluding": "9.0.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:amazon:opensearch_data_prepper:*:*:*:*:*:*:*:*", "matchCriteriaId": "6F70360D-6214-46BA-AF82-6AB01E13E4E9", "versionEndExcluding": "2.5.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*", "matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:kazu-yamamoto:http2:*:*:*:*:*:*:*:*", "matchCriteriaId": "E2DA759E-1AF8-49D3-A3FC-1B426C13CA82", "versionEndExcluding": "4.2.2", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:istio:istio:*:*:*:*:*:*:*:*", "matchCriteriaId": "28BE6F7B-AE66-4C8A-AAFA-F1262671E9BF", "versionEndExcluding": "1.17.6", "vulnerable": true }, { "criteria": "cpe:2.3:a:istio:istio:*:*:*:*:*:*:*:*", "matchCriteriaId": "F0C8E760-C8D2-483A-BBD4-6A6D292A3874", "versionEndExcluding": "1.18.3", "versionStartIncluding": "1.18.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:istio:istio:*:*:*:*:*:*:*:*", "matchCriteriaId": "5D0F78BB-6A05-4C97-A8DB-E731B6CC8CC7", "versionEndExcluding": "1.19.1", "versionStartIncluding": "1.19.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:varnish_cache_project:varnish_cache:*:*:*:*:*:*:*:*", "matchCriteriaId": "050AE218-3871-44D6-94DA-12D84C2093CB", "versionEndExcluding": "2023-10-10", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:traefik:traefik:*:*:*:*:*:*:*:*", "matchCriteriaId": "B36BFFB0-C0EC-4926-A1DB-0B711C846A68", "versionEndExcluding": "2.10.5", "vulnerable": true }, { "criteria": "cpe:2.3:a:traefik:traefik:3.0.0:beta1:*:*:*:*:*:*", "matchCriteriaId": "376EAF9B-E994-4268-9704-0A45EA30270F", "vulnerable": true }, { "criteria": "cpe:2.3:a:traefik:traefik:3.0.0:beta2:*:*:*:*:*:*", "matchCriteriaId": "F3D08335-C291-4623-B80C-3B14C4D1FA32", "vulnerable": true }, { "criteria": "cpe:2.3:a:traefik:traefik:3.0.0:beta3:*:*:*:*:*:*", "matchCriteriaId": "21033CEE-CEF5-4B0D-A565-4A6FC764AA6D", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:projectcontour:contour:*:*:*:*:*:kubernetes:*:*", "matchCriteriaId": "FC4C66B1-42C0-495D-AE63-2889DE0BED84", "versionEndExcluding": "2023-10-11", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:linkerd:linkerd:*:*:*:*:stable:kubernetes:*:*", "matchCriteriaId": "8633E263-F066-4DD8-A734-90207207A873", "versionEndIncluding": "2.12.5", "versionStartIncluding": "2.12.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:linkerd:linkerd:2.13.0:*:*:*:stable:kubernetes:*:*", "matchCriteriaId": "34A23BD9-A0F4-4D85-8011-EAC93C29B4E8", "vulnerable": true }, { "criteria": "cpe:2.3:a:linkerd:linkerd:2.13.1:*:*:*:stable:kubernetes:*:*", "matchCriteriaId": "27ED3533-A795-422F-B923-68BE071DC00D", "vulnerable": true }, { "criteria": "cpe:2.3:a:linkerd:linkerd:2.14.0:*:*:*:stable:kubernetes:*:*", "matchCriteriaId": "45F7E352-3208-4188-A5B1-906E00DF9896", "vulnerable": true }, { "criteria": "cpe:2.3:a:linkerd:linkerd:2.14.1:*:*:*:stable:kubernetes:*:*", "matchCriteriaId": "DF89A8AD-66FE-439A-B732-CAAB304D765B", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:linecorp:armeria:*:*:*:*:*:*:*:*", "matchCriteriaId": "A400C637-AF18-4BEE-B57C-145261B65DEC", "versionEndExcluding": "1.26.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:redhat:3scale_api_management_platform:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "653A5B08-0D02-4362-A8B1-D00B24C6C6F2", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:advanced_cluster_management_for_kubernetes:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "4B0E6B4B-BAA6-474E-A18C-72C9719CEC1F", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:advanced_cluster_security:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "F0FD736A-8730-446A-BA3A-7B608DB62B0E", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:advanced_cluster_security:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "F4C504B6-3902-46E2-82B7-48AEC9CDD48D", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:ansible_automation_platform:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "7B4BE2D6-43C3-4065-A213-5DB1325DC78F", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:build_of_optaplanner:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "1D54F5AE-61EC-4434-9D5F-9394A3979894", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:build_of_quarkus:-:*:*:*:*:*:*:*", "matchCriteriaId": "CE29B9D6-63DC-4779-ACE8-4E51E6A0AF37", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:ceph_storage:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "4E37E1B3-6F68-4502-85D6-68333643BDFF", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:cert-manager_operator_for_red_hat_openshift:-:*:*:*:*:*:*:*", "matchCriteriaId": "6D5A7736-A403-4617-8790-18E46CB74DA6", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:certification_for_red_hat_enterprise_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "33F13B03-69BF-4A8B-A0A0-7F47FD857461", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:certification_for_red_hat_enterprise_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "9393119E-F018-463F-9548-60436F104195", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:cost_management:-:*:*:*:*:*:*:*", "matchCriteriaId": "DC45EE1E-2365-42D4-9D55-92FA24E5ED3A", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:cryostat:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "E567CD9F-5A43-4D25-B911-B5D0440698F4", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:decision_manager:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "68146098-58F8-417E-B165-5182527117C4", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:fence_agents_remediation_operator:-:*:*:*:*:*:*:*", "matchCriteriaId": "CB4D6790-63E5-4043-B8BE-B489D649061D", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:integration_camel_for_spring_boot:-:*:*:*:*:*:*:*", "matchCriteriaId": "78698F40-0777-4990-822D-02E1B5D0E2C0", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:integration_camel_k:-:*:*:*:*:*:*:*", "matchCriteriaId": "B87C8AD3-8878-4546-86C2-BF411876648C", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:integration_service_registry:-:*:*:*:*:*:*:*", "matchCriteriaId": "EF03BDE8-602D-4DEE-BA5B-5B20FDF47741", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_a-mq:7:*:*:*:*:*:*:*", "matchCriteriaId": "A58966CB-36AF-4E64-AB39-BE3A0753E155", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_a-mq_streams:-:*:*:*:*:*:*:*", "matchCriteriaId": "585BC540-073B-425B-B664-5EA4C00AFED6", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_core_services:-:*:*:*:*:*:*:*", "matchCriteriaId": "9B453CF7-9AA6-4B94-A003-BF7AE0B82F53", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_data_grid:7.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "CD354E32-A8B0-484C-B4C6-9FBCD3430D2D", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "B142ACCC-F7A9-4A3B-BE60-0D6691D5058D", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "72A54BDA-311C-413B-8E4D-388AD65A170A", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_fuse:6.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "A305F012-544E-4245-9D69-1C8CD37748B1", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_fuse:7.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "B40CCE4F-EA2C-453D-BB76-6388767E5C6D", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:logging_subsystem_for_red_hat_openshift:-:*:*:*:*:*:*:*", "matchCriteriaId": "EF93A27E-AA2B-4C2E-9B8D-FE7267847326", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:machine_deletion_remediation_operator:-:*:*:*:*:*:*:*", "matchCriteriaId": "2B12A3A8-6456-481A-A0C9-524543FCC149", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:migration_toolkit_for_applications:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C2E7E3C-A507-4AB2-97E5-4944D8775CF7", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:migration_toolkit_for_containers:-:*:*:*:*:*:*:*", "matchCriteriaId": "4E22EBF9-AA0D-4712-9D69-DD97679CE835", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:migration_toolkit_for_virtualization:-:*:*:*:*:*:*:*", "matchCriteriaId": "941B114C-FBD7-42FF-B1D8-4EA30E99102C", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:network_observability_operator:-:*:*:*:*:*:*:*", "matchCriteriaId": "339CFB34-A795-49F9-BF6D-A00F3A1A4F63", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:node_healthcheck_operator:-:*:*:*:*:*:*:*", "matchCriteriaId": "8D044DBE-6F5A-4C53-828E-7B1A570CACFF", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:node_maintenance_operator:-:*:*:*:*:*:*:*", "matchCriteriaId": "E23FA47F-B967-44AD-AB76-1BB2CAD3CA5B", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:openshift:-:*:*:*:*:aws:*:*", "matchCriteriaId": "65203CA1-5225-4E55-A187-6454C091F532", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:openshift_api_for_data_protection:-:*:*:*:*:*:*:*", "matchCriteriaId": "7BF8EFFB-5686-4F28-A68F-1A8854E098CE", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "932D137F-528B-4526-9A89-CD59FA1AB0FE", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:openshift_container_platform_assisted_installer:-:*:*:*:*:*:*:*", "matchCriteriaId": "5DA9B2E2-958B-478D-87D6-E5CDDCD44315", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:openshift_data_science:-:*:*:*:*:*:*:*", "matchCriteriaId": "B3F5FF1E-5DA3-4EC3-B41A-A362BDFC4C69", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:openshift_dev_spaces:-:*:*:*:*:*:*:*", "matchCriteriaId": "99B8A88B-0B31-4CFF-AFD7-C9D3DDD5790D", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:openshift_developer_tools_and_services:-:*:*:*:*:*:*:*", "matchCriteriaId": "97321212-0E07-4CC2-A917-7B5F61AB9A5A", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:openshift_distributed_tracing:-:*:*:*:*:*:*:*", "matchCriteriaId": "DF390236-3259-4C8F-891C-62ACC4386CD1", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:openshift_gitops:-:*:*:*:*:*:*:*", "matchCriteriaId": "C0AAA300-691A-4957-8B69-F6888CC971B1", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:openshift_pipelines:-:*:*:*:*:*:*:*", "matchCriteriaId": "45937289-2D64-47CB-A750-5B4F0D4664A0", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:openshift_sandboxed_containers:-:*:*:*:*:*:*:*", "matchCriteriaId": "B129311C-EB4B-4041-B85C-44D5E53FCAA3", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:openshift_secondary_scheduler_operator:-:*:*:*:*:*:*:*", "matchCriteriaId": "F1AB54DB-3FB4-41CB-88ED-1400FD22AB85", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:openshift_serverless:-:*:*:*:*:*:*:*", "matchCriteriaId": "77675CB7-67D7-44E9-B7FF-D224B3341AA5", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:openshift_service_mesh:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "A76A2BCE-4AAE-46D7-93D6-2EDE0FC83145", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:openshift_virtualization:4:*:*:*:*:*:*:*", "matchCriteriaId": "9C877879-B84B-471C-80CF-0656521CA8AB", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:openstack_platform:16.1:*:*:*:*:*:*:*", "matchCriteriaId": "DCC81071-B46D-4F5D-AC25-B4A4CCC20C73", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:openstack_platform:16.2:*:*:*:*:*:*:*", "matchCriteriaId": "4B3000D2-35DF-4A93-9FC0-1AD3AB8349B8", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:openstack_platform:17.1:*:*:*:*:*:*:*", "matchCriteriaId": "E315FC5C-FF19-43C9-A58A-CF2A5FF13824", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:process_automation:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "20A6B40D-F991-4712-8E30-5FE008505CB7", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:quay:3.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "B1987BDA-0113-4603-B9BE-76647EB043F2", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:run_once_duration_override_operator:-:*:*:*:*:*:*:*", "matchCriteriaId": "D482A3D2-6E9B-42BA-9926-35E5BDD5F3BF", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:satellite:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "848C92A9-0677-442B-8D52-A448F2019903", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:self_node_remediation_operator:-:*:*:*:*:*:*:*", "matchCriteriaId": "6F564701-EDC1-43CF-BB9F-287D6992C6CB", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:service_interconnect:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "12B0CF2B-D1E1-4E20-846E-6F0D873499A9", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "9EFEC7CA-8DDA-48A6-A7B6-1F1D14792890", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:support_for_spring_boot:-:*:*:*:*:*:*:*", "matchCriteriaId": "E8885C2C-7FB8-40CA-BCB9-B48C50BF2499", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:web_terminal:-:*:*:*:*:*:*:*", "matchCriteriaId": "9D88B140-D2A1-4A0A-A2E9-1A3B50C295AD", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:redhat:service_telemetry_framework:1.5:*:*:*:*:*:*:*", "matchCriteriaId": "A903C3AD-2D25-45B5-BF4A-A5BEB2286627", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:netapp:astra_control_center:-:*:*:*:*:*:*:*", "matchCriteriaId": "EC5EBD2A-32A3-46D5-B155-B44DCB7F6902", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:akka:http_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "C2792650-851F-4820-B003-06A4BEA092D7", "versionEndExcluding": "10.5.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:konghq:kong_gateway:*:*:*:*:enterprise:*:*:*", "matchCriteriaId": "9F6B63B9-F4C9-4A3F-9310-E0918E1070D1", "versionEndExcluding": "3.4.2", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*", "matchCriteriaId": "E6FF5F80-A991-43D4-B49F-D843E2BC5798", "versionEndIncluding": "2.414.2", "vulnerable": true }, { "criteria": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:-:*:*:*", "matchCriteriaId": "54D25DA9-12D0-4F14-83E6-C69D0293AAB9", "versionEndIncluding": "2.427", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*", "matchCriteriaId": "8E1AFFB9-C717-4727-B0C9-5A0C281710E2", "versionEndExcluding": "9.4.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:openresty:openresty:*:*:*:*:*:*:*:*", "matchCriteriaId": "25C85001-E0AB-4B01-8EE7-1D9C77CD956E", "versionEndExcluding": "1.21.4.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cisco:connected_mobile_experiences:*:*:*:*:*:*:*:*", "matchCriteriaId": "F98F9D27-6659-413F-8F29-4FDB0882AAC5", "versionEndExcluding": "11.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:crosswork_data_gateway:*:*:*:*:*:*:*:*", "matchCriteriaId": "C98BF315-C563-47C2-BAD1-63347A3D1008", "versionEndExcluding": "4.1.3", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:crosswork_data_gateway:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "705CBA49-21C9-4400-B7B9-71CDF9F97D8B", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:crosswork_zero_touch_provisioning:*:*:*:*:*:*:*:*", "matchCriteriaId": "AA2BE0F1-DD16-4876-8EBA-F187BD38B159", "versionEndExcluding": "6.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:data_center_network_manager:-:*:*:*:*:*:*:*", "matchCriteriaId": "796B6C58-2140-4105-A2A1-69865A194A75", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:enterprise_chat_and_email:-:*:*:*:*:*:*:*", "matchCriteriaId": "DEA99DC6-EA03-469F-A8BE-7F96FDF0B333", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:expressway:*:*:*:*:*:*:*:*", "matchCriteriaId": "6560DBF4-AFE6-4672-95DE-74A0B8F4170A", "versionEndExcluding": "x14.3.3", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", "matchCriteriaId": "84785919-796D-41E5-B652-6B5765C81D4A", "versionEndExcluding": "7.4.2", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:iot_field_network_director:*:*:*:*:*:*:*:*", "matchCriteriaId": "92A74A1A-C69F-41E6-86D0-D6BB1C5D0A1E", "versionEndExcluding": "4.11.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:prime_access_registrar:*:*:*:*:*:*:*:*", "matchCriteriaId": "6FE7BA33-2AC0-4A85-97AD-6D77F20BA2AD", "versionEndExcluding": "9.3.3", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:prime_cable_provisioning:*:*:*:*:*:*:*:*", "matchCriteriaId": "4FE2F959-1084-48D1-B1F1-8182FC9862DD", "versionEndExcluding": "7.2.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:prime_infrastructure:*:*:*:*:*:*:*:*", "matchCriteriaId": "5CC17E6B-D7AB-40D7-AEC5-F5B555AC4D7F", "versionEndExcluding": "3.10.4", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:prime_network_registrar:*:*:*:*:*:*:*:*", "matchCriteriaId": "1BB6B48E-EA36-40A0-96D0-AF909BEC1147", "versionEndExcluding": "11.2", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:secure_dynamic_attributes_connector:*:*:*:*:*:*:*:*", "matchCriteriaId": "2CBED844-7F94-498C-836D-8593381A9657", "versionEndExcluding": "2.2.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:secure_malware_analytics:*:*:*:*:*:*:*:*", "matchCriteriaId": "C170DBA1-0899-4ECC-9A0D-8FEB1DA1B510", "versionEndExcluding": "2.19.2", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "358FA1DC-63D3-49F6-AC07-9E277DD0D9DA", "versionEndExcluding": "x14.3.3", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:ultra_cloud_core_-_policy_control_function:*:*:*:*:*:*:*:*", "matchCriteriaId": "BFF2D182-7599-4B81-B56B-F44EDA1384C0", "versionEndExcluding": "2024.01.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:ultra_cloud_core_-_policy_control_function:2024.01.0:*:*:*:*:*:*:*", "matchCriteriaId": "4868BCCA-24DE-4F24-A8AF-B3A545C0396E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:ultra_cloud_core_-_serving_gateway_function:*:*:*:*:*:*:*:*", "matchCriteriaId": "194F7A1F-FD43-4FF7-9AE2-C13AA5567E8A", "versionEndExcluding": "2024.02.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:ultra_cloud_core_-_session_management_function:*:*:*:*:*:*:*:*", "matchCriteriaId": "BEC75F99-C7F0-47EB-9032-C9D3A42EBA20", "versionEndExcluding": "2024.02.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_attendant_console_advanced:-:*:*:*:*:*:*:*", "matchCriteriaId": "B6638F4E-16F7-447D-B755-52640BCB1C61", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_domain_manager:-:*:*:*:*:*:*:*", "matchCriteriaId": "AC34F742-530E-4AB4-8AFC-D1E088E256B4", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:-:*:*:*:*:*:*:*", "matchCriteriaId": "D31CC0E9-8E21-436B-AB84-EA1B1BC60DCD", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise_-_live_data_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "E22AD683-345B-4E16-BB9E-E9B1783E09AD", "versionEndExcluding": "12.6.2", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_management_portal:-:*:*:*:*:*:*:*", "matchCriteriaId": "D5C0D694-9E24-4782-B35F-D7C3E3B0F2ED", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:fog_director:*:*:*:*:*:*:*:*", "matchCriteriaId": "2955BEE9-F567-4006-B96D-92E10FF84DB4", "versionEndExcluding": "1.22", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*", "matchCriteriaId": "67502878-DB20-4410-ABA0-A1C5705064CD", "versionEndExcluding": "17.15.1", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*", "matchCriteriaId": "177DED2D-8089-4494-BDD9-7F84FC06CD5B", "versionEndExcluding": "7.11.2", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:secure_web_appliance_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "54A29FD3-4128-4333-8445-A7DD04A6ECF6", "versionEndExcluding": "15.1.0", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:secure_web_appliance:-:*:*:*:*:*:*:*", "matchCriteriaId": "67074526-9933-46B3-9FE3-A0BE73C5E8A7", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "EEB32D2E-AD9D-44A0-AEF7-689F7D2605C9", "versionEndExcluding": "10.2\\(7\\)", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "0A236A0A-6956-4D79-B8E5-B2D0C79FAE88", "versionEndExcluding": "10.3\\(5\\)", "versionStartIncluding": "10.3\\(1\\)", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", "matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_3016q:-:*:*:*:*:*:*:*", "matchCriteriaId": "2D402AB0-BCFB-4F42-8C50-5DC930AEEC8B", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", "matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", "matchCriteriaId": "76C10D85-88AC-4A79-8866-BED88A0F8DF8", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_3064-32t:-:*:*:*:*:*:*:*", "matchCriteriaId": "09AC2BAD-F536-48D0-A2F0-D4E290519EB6", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", "matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_3064-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "ECC4FFCC-E886-49BC-9737-5B5BA2AAB14B", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_3064t:-:*:*:*:*:*:*:*", "matchCriteriaId": "5F4E8EE4-031D-47D3-A12E-EE5F792172EE", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_3064x:-:*:*:*:*:*:*:*", "matchCriteriaId": "00CDD8C3-67D5-4E9F-9D48-A77B55DB0AB1", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_3100:-:*:*:*:*:*:*:*", "matchCriteriaId": "41C14CC9-C244-4B86-AEA6-C50BAD5DA9A6", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_3100-v:-:*:*:*:*:*:*:*", "matchCriteriaId": "A8FF2EC4-0C09-4C00-9956-A2A4A894F63D", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_3100-z:-:*:*:*:*:*:*:*", "matchCriteriaId": "D14D4B4E-120E-4607-A4F1-447C7BF3052E", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_3100v:-:*:*:*:*:*:*:*", "matchCriteriaId": "15702ACB-29F3-412D-8805-E107E0729E35", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", "matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_31108pv-v:-:*:*:*:*:*:*:*", "matchCriteriaId": "29B34855-D8D2-4114-80D2-A4D159C62458", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", "matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", "matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", "matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", "matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", "matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "C97C29EE-9426-4BBE-8D84-AB5FF748703D", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_3132q-x\\/3132q-xl:-:*:*:*:*:*:*:*", "matchCriteriaId": "E142C18F-9FB5-4D96-866A-141D7D16CAF7", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", "matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", "matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", "matchCriteriaId": "7817F4E6-B2DA-4F06-95A4-AF329F594C02", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*", "matchCriteriaId": "CED628B5-97A8-4B26-AA40-BEC854982157", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", "matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_3172pq\\/pq-xl:-:*:*:*:*:*:*:*", "matchCriteriaId": "8EFC116A-627F-4E05-B631-651D161217C8", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", "matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", "matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", "matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_3200:-:*:*:*:*:*:*:*", "matchCriteriaId": "32A532C0-B0E3-484A-B356-88970E7D0248", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_3232:-:*:*:*:*:*:*:*", "matchCriteriaId": "1C84D24C-2256-42AF-898A-221EBE9FE1E4", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", "matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_3232c_:-:*:*:*:*:*:*:*", "matchCriteriaId": "D008CA1C-6F5A-40EA-BB12-A9D84D5AF700", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", "matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", "matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_3400:-:*:*:*:*:*:*:*", "matchCriteriaId": "43913A0E-50D5-47DD-94D8-DD3391633619", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", "matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", "matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_34200yc-sm:-:*:*:*:*:*:*:*", "matchCriteriaId": "CA52D5C1-13D8-4D23-B022-954CCEF491F1", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", "matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", "matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_3500:-:*:*:*:*:*:*:*", "matchCriteriaId": "A8E1073F-D374-4311-8F12-AD8C72FAA293", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", "matchCriteriaId": "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*", "matchCriteriaId": "E505C0B1-2119-4C6A-BF96-C282C633D169", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", "matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", "matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*", "matchCriteriaId": "915EF8F6-6039-4DD0-B875-30D911752B74", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", "matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_3600:-:*:*:*:*:*:*:*", "matchCriteriaId": "97217080-455C-48E4-8CE1-6D5B9485864F", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", "matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", "matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "EEB32D2E-AD9D-44A0-AEF7-689F7D2605C9", "versionEndExcluding": "10.2\\(7\\)", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "0A236A0A-6956-4D79-B8E5-B2D0C79FAE88", "versionEndExcluding": "10.3\\(5\\)", "versionStartIncluding": "10.3\\(1\\)", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", "matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9200:-:*:*:*:*:*:*:*", "matchCriteriaId": "532CE4B0-A3C9-4613-AAAF-727817D06FB4", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9200yc:-:*:*:*:*:*:*:*", "matchCriteriaId": "24CA1A59-2681-4507-AC74-53BD481099B9", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_92160yc_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "AF9147C9-5D8B-40F5-9AAA-66A3495A0AD8", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9221c:-:*:*:*:*:*:*:*", "matchCriteriaId": "FFB9FDE8-8533-4F65-BF32-4066D042B2F7", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", "matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_92300yc_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "3AA5389A-8AD1-476E-983A-54DF573C30F5", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", "matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_92304qc_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "C1B1A8F1-45B1-4E64-A254-7191FA93CB6D", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9232e:-:*:*:*:*:*:*:*", "matchCriteriaId": "83DA8BFA-D7A2-476C-A6F5-CAE610033BC2", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", "matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9236c_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "DB2FFD26-8255-4351-8594-29D2AEFC06EF", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", "matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9272q_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "61E10975-B47E-4F4D-8096-AEC7B7733612", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9300:-:*:*:*:*:*:*:*", "matchCriteriaId": "92E2CB2B-DA11-4CF7-9D57-3D4D48990DC0", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", "matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:*", "matchCriteriaId": "40E40F42-632A-47DF-BE33-DC25B826310B", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "2C67B7A6-9BB2-41FC-8FA3-8D0DF67CBC68", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", "matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:*", "matchCriteriaId": "C47F6BF9-2ADB-41A4-8D7D-8BB00141BB23", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx3h:-:*:*:*:*:*:*:*", "matchCriteriaId": "16C64136-89C2-443C-AF7B-BED81D3DE25A", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx3p:-:*:*:*:*:*:*:*", "matchCriteriaId": "BBEF7F26-BB47-44BD-872E-130820557C23", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", "matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_93120tx_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "182000E0-8204-4D8B-B7DE-B191AFE12E28", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_93128:-:*:*:*:*:*:*:*", "matchCriteriaId": "F309E7B9-B828-4CD2-9D2B-8966EE5B9CC1", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", "matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_93128tx_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "BDC208BC-7E19-48C6-A20E-A79A51B7362C", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*", "matchCriteriaId": "102F91CD-DFB6-43D4-AE5B-DA157A696230", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", "matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "084D0191-563B-4FF0-B589-F35DA118E1C6", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_93180tc-ex:-:*:*:*:*:*:*:*", "matchCriteriaId": "B7DB6FC5-762A-4F16-AE8C-69330EFCF640", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", "matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:*", "matchCriteriaId": "5394DE31-3863-4CA9-B7B1-E5227183100D", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "968390BC-B430-4903-B614-13104BFAE635", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", "matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:*", "matchCriteriaId": "FE4BB834-2C00-4384-A78E-AF3BCDDC58AF", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:*", "matchCriteriaId": "B0D30D52-837F-4FDA-B8E5-A9066E9C6D2F", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3h:-:*:*:*:*:*:*:*", "matchCriteriaId": "E6678B8A-D905-447E-BE7E-6BFB4CC5DAFE", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:*", "matchCriteriaId": "7CE49B45-F2E9-491D-9C29-1B46E9CE14E2", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", "matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_93240tc-fx2:-:*:*:*:*:*:*:*", "matchCriteriaId": "4BFAD21E-59EE-4CCE-8F1E-621D2EA50905", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", "matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", "matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9332d-gx2b:-:*:*:*:*:*:*:*", "matchCriteriaId": "02C3CE6D-BD54-48B1-A188-8E53DA001424", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9332d-h2r:-:*:*:*:*:*:*:*", "matchCriteriaId": "498991F7-39D6-428C-8C7D-DD8DC72A0346", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", "matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9332pq_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "F7B90D36-5124-4669-8462-4EAF35B0F53D", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", "matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", "matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*", "matchCriteriaId": "7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9336pq:-:*:*:*:*:*:*:*", "matchCriteriaId": "5F1127D2-12C0-454F-91EF-5EE334070D06", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci:-:*:*:*:*:*:*:*", "matchCriteriaId": "7D6EB963-E0F2-4A02-8765-AB2064BE19E9", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", "matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "DEAAF99B-5406-4722-81FB-A91CBAC2DF41", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9348d-gx2a:-:*:*:*:*:*:*:*", "matchCriteriaId": "73DC1E93-561E-490C-AE0E-B02BAB9A7C8E", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9348gc-fx3:-:*:*:*:*:*:*:*", "matchCriteriaId": "12DA2DE5-8ADA-4D6A-BC1A-9C06FA163B1C", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", "matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*", "matchCriteriaId": "2CF467E2-4567-426E-8F48-39669E0F514C", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", "matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*", "matchCriteriaId": "68EA1FEF-B6B6-49FE-A0A4-5387F76303F8", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9364d-gx2a:-:*:*:*:*:*:*:*", "matchCriteriaId": "40D6DB7F-C025-4971-9615-73393ED61078", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", "matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", "matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9372px-e_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "737C724A-B6CD-4FF7-96E0-EBBF645D660E", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9372px_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "7067AEC7-DFC8-4437-9338-C5165D9A8F36", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", "matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", "matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9372tx-e_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "71D4CF15-B293-4403-A1A9-96AD3933BAEF", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9372tx_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "DBCC1515-2DBE-4DF2-8E83-29A869170F36", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", "matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9396px_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "7282AAFF-ED18-4992-AC12-D953C35EC328", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", "matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9396tx_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "360409CC-4172-4878-A76B-EA1C1F8C7A79", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9408:-:*:*:*:*:*:*:*", "matchCriteriaId": "D8D5D5E2-B40B-475D-9EF3-8441016E37E9", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9432pq:-:*:*:*:*:*:*:*", "matchCriteriaId": "FDA8E1F0-74A6-4725-B6AA-A1112EFC5D0C", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9500:-:*:*:*:*:*:*:*", "matchCriteriaId": "63BE0266-1C00-4D6A-AD96-7F82532ABAA7", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9500_16-slot:-:*:*:*:*:*:*:*", "matchCriteriaId": "73F59A4B-AE92-4533-8EDC-D1DD850309FF", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9500_4-slot:-:*:*:*:*:*:*:*", "matchCriteriaId": "492A2C86-DD38-466B-9965-77629A73814F", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9500_8-slot:-:*:*:*:*:*:*:*", "matchCriteriaId": "1FB7AA46-4018-4925-963E-719E1037F759", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_a:-:*:*:*:*:*:*:*", "matchCriteriaId": "31B9D1E4-10B9-4B6F-B848-D93ABF6486D6", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_a\\+:-:*:*:*:*:*:*:*", "matchCriteriaId": "CB270C45-756E-400A-979F-D07D750C881A", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_b:-:*:*:*:*:*:*:*", "matchCriteriaId": "4E8A085C-2DBA-4269-AB01-B16019FBB4DA", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_b\\+:-:*:*:*:*:*:*:*", "matchCriteriaId": "A79DD582-AF68-44F1-B640-766B46EF2BE2", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9500r:-:*:*:*:*:*:*:*", "matchCriteriaId": "B04484DA-AA59-4833-916E-6A8C96D34F0D", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", "matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9504_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "D07B5399-44C7-468D-9D57-BB5B5E26CE50", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", "matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9508_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "B76FB64F-16F0-4B0B-B304-B46258D434BA", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", "matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9516_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "2E128053-834B-4DD5-A517-D14B4FC2B56F", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9536pq:-:*:*:*:*:*:*:*", "matchCriteriaId": "163743A1-09E7-4EC5-8ECA-79E4B9CE173B", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9636pq:-:*:*:*:*:*:*:*", "matchCriteriaId": "CE340E4C-DC48-4FC8-921B-EE304DB5AE0A", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9716d-gx:-:*:*:*:*:*:*:*", "matchCriteriaId": "C367BBE0-D71F-4CB5-B50E-72B033E73FE1", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9736pq:-:*:*:*:*:*:*:*", "matchCriteriaId": "85E1D224-4751-4233-A127-A041068C804A", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9800:-:*:*:*:*:*:*:*", "matchCriteriaId": "BD31B075-01B1-429E-83F4-B999356A0EB9", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9804:-:*:*:*:*:*:*:*", "matchCriteriaId": "A10C9C0A-C96A-4B45-90D0-6ED457EB5F4C", "vulnerable": false }, { "criteria": "cpe:2.3:h:cisco:nexus_9808:-:*:*:*:*:*:*:*", "matchCriteriaId": "3284D16F-3275-4F8D-8AE4-D413DE19C4FA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "descriptions": [ { "lang": "en", "value": "The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023." }, { "lang": "es", "value": "El protocolo HTTP/2 permite una denegaci\u00f3n de servicio (consumo de recursos del servidor) porque la cancelaci\u00f3n de solicitudes puede restablecer muchas transmisiones r\u00e1pidamente, como se explot\u00f3 en la naturaleza entre agosto y octubre de 2023." } ], "id": "CVE-2023-44487", "lastModified": "2024-04-26T09:15:07.677", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-10-10T14:15:10.883", "references": [ { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2023/10/13/4" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2023/10/13/9" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2023/10/18/4" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2023/10/18/8" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2023/10/19/6" }, { "source": "cve@mitre.org", "tags": [ "Mailing List" ], "url": "http://www.openwall.com/lists/oss-security/2023/10/20/8" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://access.redhat.com/security/cve/cve-2023-44487" }, { "source": "cve@mitre.org", "tags": [ "Press/Media Coverage", "Third Party Advisory" ], "url": "https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://aws.amazon.com/security/security-bulletins/AWS-2023-011/" }, { "source": "cve@mitre.org", "tags": [ "Technical Description", "Vendor Advisory" ], "url": "https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/" }, { "source": "cve@mitre.org", "tags": [ "Press/Media Coverage", "Third Party Advisory" ], "url": "https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://blog.vespa.ai/cve-2023-44487/" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://bugzilla.proxmox.com/show_bug.cgi?id=4988" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Vendor Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Vendor Advisory" ], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1216123" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Patch", "Vendor Advisory" ], "url": "https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9" }, { "source": "cve@mitre.org", "tags": [ "Technical Description", "Vendor Advisory" ], "url": "https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/" }, { "source": "cve@mitre.org", "tags": [ "Technical Description", "Vendor Advisory" ], "url": "https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715" }, { "source": "cve@mitre.org", "tags": [ "Technical Description", "Third Party Advisory" ], "url": "https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Vendor Advisory" ], "url": "https://github.com/Azure/AKS/issues/3947" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Vendor Advisory" ], "url": "https://github.com/Kong/kong/discussions/11741" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://github.com/advisories/GHSA-qppj-fm5r-hxr3" }, { "source": "cve@mitre.org", "tags": [ "Mitigation", "Patch", "Vendor Advisory" ], "url": "https://github.com/advisories/GHSA-vx74-f528-fxqg" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://github.com/advisories/GHSA-xpw8-rcwv-8f8p" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Vendor Advisory" ], "url": "https://github.com/akka/akka-http/issues/4323" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Vendor Advisory" ], "url": "https://github.com/alibaba/tengine/issues/1872" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Vendor Advisory" ], "url": "https://github.com/apache/apisix/issues/10320" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Vendor Advisory" ], "url": "https://github.com/apache/httpd-site/pull/10" }, { "source": "cve@mitre.org", "tags": [ "Product", "Third Party Advisory" ], "url": "https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113" }, { "source": "cve@mitre.org", "tags": [ "Product", "Third Party Advisory" ], "url": "https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://github.com/apache/trafficserver/pull/10564" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://github.com/bcdannyboy/CVE-2023-44487" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Vendor Advisory" ], "url": "https://github.com/caddyserver/caddy/issues/5877" }, { "source": "cve@mitre.org", "tags": [ "Release Notes", "Third Party Advisory" ], "url": "https://github.com/caddyserver/caddy/releases/tag/v2.7.5" }, { "source": "cve@mitre.org", "tags": [ "Mitigation", "Vendor Advisory" ], "url": "https://github.com/dotnet/announcements/issues/277" }, { "source": "cve@mitre.org", "tags": [ "Product", "Release Notes", "Vendor Advisory" ], "url": "https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Vendor Advisory" ], "url": "https://github.com/eclipse/jetty.project/issues/10679" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://github.com/envoyproxy/envoy/pull/30055" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Patch", "Vendor Advisory" ], "url": "https://github.com/etcd-io/etcd/issues/16740" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://github.com/facebook/proxygen/pull/466" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Vendor Advisory" ], "url": "https://github.com/golang/go/issues/63417" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://github.com/grpc/grpc-go/pull/6703" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/h2o/h2o/pull/3291" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Vendor Advisory" ], "url": "https://github.com/haproxy/haproxy/issues/2312" }, { "source": "cve@mitre.org", "tags": [ "Product", "Vendor Advisory" ], "url": "https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Vendor Advisory" ], "url": "https://github.com/junkurihara/rust-rpxy/issues/97" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://github.com/kazu-yamamoto/http2/issues/93" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://github.com/kubernetes/kubernetes/pull/121120" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Patch", "Vendor Advisory" ], "url": "https://github.com/line/armeria/pull/5232" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/micrictor/http2-rst-stream" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://github.com/microsoft/CBL-Mariner/pull/6381" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://github.com/nghttp2/nghttp2/pull/1961" }, { "source": "cve@mitre.org", "tags": [ "Release Notes", "Third Party Advisory" ], "url": "https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Vendor Advisory" ], "url": "https://github.com/ninenines/cowboy/issues/1615" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://github.com/nodejs/node/pull/50121" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Vendor Advisory" ], "url": "https://github.com/openresty/openresty/issues/930" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Patch", "Vendor Advisory" ], "url": "https://github.com/opensearch-project/data-prepper/issues/3474" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Vendor Advisory" ], "url": "https://github.com/oqtane/oqtane.framework/discussions/3367" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Patch", "Vendor Advisory" ], "url": "https://github.com/projectcontour/contour/pull/5826" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Vendor Advisory" ], "url": "https://github.com/tempesta-tech/tempesta/issues/1986" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Vendor Advisory" ], "url": "https://github.com/varnishcache/varnish-cache/issues/3996" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Vendor Advisory" ], "url": "https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://istio.io/latest/news/security/istio-security-2023-004/" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Vendor Advisory" ], "url": "https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Patch", "Third Party Advisory" ], "url": "https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/" }, { "source": "cve@mitre.org", "tags": [ "Mitigation", "Patch", "Vendor Advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://my.f5.com/manage/s/article/K000137106" }, { "source": "cve@mitre.org", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://netty.io/news/2023/10/10/4-1-100-Final.html" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://news.ycombinator.com/item?id=37830987" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Press/Media Coverage" ], "url": "https://news.ycombinator.com/item?id=37830998" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://news.ycombinator.com/item?id=37831062" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking" ], "url": "https://news.ycombinator.com/item?id=37837043" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/202311-09" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://security.netapp.com/advisory/ntap-20231016-0001/" }, { "source": "cve@mitre.org", "url": "https://security.netapp.com/advisory/ntap-20240426-0007/" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://security.paloaltonetworks.com/CVE-2023-44487" }, { "source": "cve@mitre.org", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://ubuntu.com/security/CVE-2023-44487" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487" }, { "source": "cve@mitre.org", "tags": [ "Press/Media Coverage", "Third Party Advisory" ], "url": "https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://www.debian.org/security/2023/dsa-5521" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://www.debian.org/security/2023/dsa-5522" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2023/dsa-5540" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2023/dsa-5549" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2023/dsa-5558" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2023/dsa-5570" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/" }, { "source": "cve@mitre.org", "tags": [ "Mitigation", "Vendor Advisory" ], "url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://www.openwall.com/lists/oss-security/2023/10/10/6" }, { "source": "cve@mitre.org", "tags": [ "Press/Media Coverage" ], "url": "https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack" }, { "source": "cve@mitre.org", "tags": [ "Press/Media Coverage", "Third Party Advisory" ], "url": "https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-400" } ], "source": "nvd@nist.gov", "type": "Primary" } ] } } } }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.